Hi,
I tried to configure my LDAP authentication using a CA certificate.
Test Connectivity is successful, and so is Test User Credentials.
Before, my VPN worked fine. I deleted my user (first from the group), then I recreated it. No problem, I can browse LDAP.
I didn't change anything on my client. I waited a few minutes before trying. But every time it fails at 80%, and looking at the logs (Events, VPN) it says:
Reason: sslvpn_login_unknown_user
Tried on another Fortinet, same result. What am I doing wrong ?
Note: I followed
https://www.infosecmonkey.com/2019/04/20/secure-ldap-and-ad-password-change-via-forticlient/
Thanks !
what do you mean with deleted your user?
is the user or usergroup still allowed on the sslvpn firewall policy?
It means I unregistered it and registered it back by browsing LDAP.
ok, not sure if that has any effect
and .. is the user or usergroup still allowed on the sslvpn firewall policy?
If I change using LDAP without SSL it works... But I need it for the renew password option
the cookbook suggests this works with LDAPS enabled
Did you upload your domain's CA to the firewall? (I'm assuming you're using a Windows Domain as your LDAP source)